Sr Cybersecurity Engineer

About The Position

Requirements

• Knowledge of TCP/IP networking, OSI model and IP subnetting
• Knowledge of analysis tools like Bro/Zeek or Suricata, and ability to perform analysis of associated network logs
• Knowledge of the NIST Incident Response Life Cycle and the MITRE ATT&CK Framework
• Knowledge of Windows operating systems and general knowledge of Unix, Linux, and Mac operating systems
• Knowledge of cloud incident response on platforms like Azure
• Hands‑on experience responding to security incidents in cloud and on-prem environments
• Experience writing and optimizing Splunk queries for investigation and threat hunting across various data sources
• Ability to use scripting and automation to acquire evidence, investigate at scale, and accelerate response actions
• Experience translating investigations into repeatable response processes, documentation, and improvement opportunities for detection and prevention
• Demonstrated ability to communicate across multiple levels of stakeholders
• Ability to document and summarize technical evidence and findings
• Good interpersonal, verbal, and written communication skills across various mediums
• Detail oriented with good analytical skills and ability to formulate decisions based on evidence gathering
• Ability to exercise prudent judgment and offer knowledgeable recommendations
• Ability to work both independently and in a team environment
• Ability to manage multiple projects, tasks, and investigations
• Ability to work in sensitive situations
• Be a reputable representative of the department
• Ability to use AI tools (e.g., Microsoft Copilot) to support daily work
• Skills in evaluating AI outputs for accuracy, compliance, and bias
• Experience integrating AI into workflows to improve efficiency or insights
• Familiarity with AI assisted research, summarization, and content generation
• Understanding of responsible AI use, including ethics and data protection
• 3-5 years of experience in large and complex business environments with a successful track record working directly with senior level management preferred
• 3-5 years of experience in one or more of the following domains: Cybersecurity, Information Security, Network Engineering, or Network Operations, Information Technology, Application Development preferred
• High School Diploma or equivalent required
• Bachelor’s Degree in related field or equivalent work experience strongly preferred

Nice To Haves

• One or more security related certifications, such as CISSP, CCNP-Security, GIAC, CEH, or CPTS highly preferred

Responsibilities

• Participate in incident investigations, covering detection, containment, eradication, recovery, and post-incident reviews
• Perform analysis of various log sources, SIEM alerts, IDS/IPS alerts, host activity, and network traffic to identify suspicious or unauthorized activity
• Act as the senior escalation point for complex investigations, providing investigative direction and response strategy
• Develop and standardize incident response playbooks to improve consistency and efficiency
• Identify and codify attacker TTPs and IOCs, feeding them into detection pipelines and IR playbooks
• Stay current with evolving attack techniques and security technologies to design, build, and continuously refine cloud detections and alerts across Azure and Microsoft 365
• Participate in an on‑call rotation to support timely response to security incidents outside of standard business hours

Benefits

• 401K matching
• bonding leave for new parents (12 weeks, 100% paid)
• tuition assistance
• training
• GM employee auto discount
• community service pay
• nine company holidays